[erlang-questions] how: Removing atoms from the atom table
Wed Nov 14 23:47:47 CET 2007
On Nov 14, 2007 4:42 PM, Juan Jose Comellas <juanjo@REDACTED> wrote:
> In my current project I'm finding that using atoms for certain IDs in the
> system is very comfortable, but they introduce a potential security problem.
> Right now, we receive some messages from (possibly hostile) external sources
> with fields that we store internally as atoms. The problem is that to check
> whether the fields in the message are valid we must convert them to atoms,
> and by doing this we consume entries from the global atom table even if the
> values of the fields were bogus. Thus, this mechanism could be used to
> exploit the system and exhaust the atom supply.
> My question is the following: would it be possible to add a BIF to
> explicitly remove an atom from the global atom table?
Isn't list_to_existing_atom/1 enough for this?
More information about the erlang-questions